Petya ransomware, along with its variant GoldenEye, has struck governments, companies and individuals worldwide. This ransomware outbreak is so disastrous that even those who have patched their Windows systems may still get attacked, causing huge financial losses.

To fight against cybercriminals, 360 has created Ransomware Decryption Tool to save computers hijacked by ransomware. This tool can bring back files from more than 80 ransomware. Petya, GoldenEye and their notorious precedent WannaCry are all on the decryption support list.

6. Important Note: If you entered the key incorrectly, you would see the message below. In this situation, do not continue to enter the key. Reboot your PC and enter the key again.

7. Now your operating system is unlocked.

【Decryption instructions for the Red Skeleton Version】

Follow the same steps mentioned previously. (The decryption code is longer than the one in the GoldenEye ransom note.)

After entering your decryption key, you will see the message below. This means your system has been unlocked.

If you are using Windows 7 or a later version, Petya encrypts not only your system but also files in the infected PC. The hijacked files are appended with an 8-character extension name. The ransomware also creates a file “YOUR_FILES_ARE_ENCRYPTED.TXT” in the desktop folder.

To save your files, use 360 Ransomware Decryption Tool to scan the folder where your files are encrypted.

Wait until 360 Ransomware Decryption Tool brings your files back. (Do not turn off the tool before the process completes, or files may be corrupted).

Ransomware is not an one time attack. Check our Anti-Ransomware Arsenal, including 360 Document Protector and NSA Cyber Weapons Defense Tool, prepared to protect you against ransomware. Your safety is 360’s biggest concern of all time.